A Continuous Heart-Based Biometric Authentication for Healthcare Internet of Things

  • Laura R. Soares UFRGS
  • Lucas Bastos UFPA
  • Bruno Martins UFPA
  • Iago Medeiros UFPA
  • Dênis Rosário UFPA
  • Jéferson C. Nobre UFRGS
  • Eduardo C. Cerqueira UFPA


The rapid spread of connected objects in healthcare environments, i.e. Healthcare Internet of Things (HIoT), has motivated concerns on data privacy. Thus, security mechanisms are required to restrict access to such data. Biometrics, measurements, and calculations related to human characteristics can be collected from the target biosignal (e.g., electrocardiogram - ECG) and employed for authentication. This work investigates a continuous heart-based biometric authentication system for HIoT. We propose a system to provide authentication mechanisms mainly targeted at preserving users’ privacy and respecting low cost and scalability. This system employs fiducial features from Electrocardiogram (ECG) to produce a security token that corresponds to the user’s identification. We evaluate our system through simulation experiments performed using a Proof of Concept (PoC) implementation and ECG samples from an open database. In these experiments, it is possible to observe the feasibility of our proposal as well as its desirable properties.

Palavras-chave: Healthcare Internet of Things (HIoT), Authentication, Biometrics, biosignal, Electrocardiogram (ECG), and privacy


Barros, A., Resque, P., Almeida, J., Mota, R., Oliveira, H., Rosário, D., and Cerqueira, E. (2020). Data improvement model based on ecg biometric for user authentication and identification. Sensors, 20(10):2920.

Bastos, L., Cremonezi, B., Tavares, T., Rosário, D., Cerqueira, E., and Santos, A. (2021). Smart human identification system based on ppg and ecg signals in wearable devices. In 2021 International Wireless Communications and Mobile Computing (IWCMC), pages 347–352. IEEE.

Bastos, L., Martins, B., Medeiros, I., Neto, A., Zeadally, S., Rosário, D., and Cerqueira, E. (2022). Ensemble learning method for human identification in wearable devices. In 2022 International Wireless Communications and Mobile Computing (IWCMC), pages 1052–1057. IEEE.

Berkaya, S. K., Uysal, A. K., Gunal, E. S., Ergin, S., Gunal, S., and Gulmezoglu, M. B. (2018). A survey on ecg analysis. Biomedical Signal Processing and Control, 43:216– 235.

Biel, L., Pettersson, O., Philipson, L., and Wide, P. (2001). Ecg analysis: a new approach in human identification. IEEE Transactions on Instrumentation and Measurement, 50(3):808–812.

Bormann, C., Ersue, M., and Keranen, A. (2014). Terminology for constrained-node networks. RFC 7228.

Choi, H.-S., Lee, B., and Yoon, S. (2016). Biometric authentication using noisy electrocardiograms acquired by mobile sensors. IEEE Access, 4:1266–1273.

Goldberger, A. L., Amaral, L. A., Glass, L., Hausdorff, J. M., Ivanov, P. C., Mark, R. G., Mietus, J. E., Moody, G. B., Peng, C.-K., and Stanley, H. E. (2000). Physiobank, physiotoolkit, and physionet: components of a new research resource for complex physiologic signals. circulation, 101(23):e215–e220.

Huang, P., Guo, L., Li, M., and Fang, Y. (2019). Practical privacy-preserving ecg-based authentication for iot-based healthcare. IEEE Internet of Things Journal, 6(5):9200– 9210.

Matni, N., Moraes, J., Pacheco, L., Rosário, D., Oliveira, H., Cerqueira, E., and Neto, A. (2020). Experimenting long range wide area network in an e-health environment: Discussion and future directions. In 2020 International Wireless Communications and Mobile Computing (IWCMC), pages 758–763. IEEE.

Nethercote, N. and Seward, J. (2007). Valgrind: a framework for heavyweight dynamic binary instrumentation. ACM Sigplan notices, 42(6):89–100.

Peter, S., Pratap Reddy, B., Momtaz, F., and Givargis, T. (2016). Design of secure ecg-based biometric authentication in body area sensor networks. Sensors, 16(4):570.

Pinto, J. R., Cardoso, J. S., and Lourenço, A. (2018). Evolution, current challenges, and future possibilities in ecg biometrics. IEEE Access, 6:34746–34776.

Seepers, R. M., Strydis, C., Sourdis, I., and De Zeeuw, C. I. (2015). Enhancing heartbeat-based security for mhealth applications. IEEE journal of biomedical and health informatics, 21(1):254–262.

Singh, Y. N. and Singh, S. K. (2012). Evaluation of electrocardiogram for biometric authentication. Journal of Information Security, 3(1):39–48.

Tan, R. and Perkowski, M. (2017). Toward improving electrocardiogram (ecg) biometric verification using mobile sensors: A two-stage classifier approach. Sensors, 17(2):410.

Wang, Z. (2018). A privacy-preserving and accountable authentication protocol for iot end-devices with weaker identity. Future Generation Computer Systems, 82:342–348.
Como Citar

Selecione um Formato
SOARES, Laura R.; BASTOS, Lucas; MARTINS, Bruno; MEDEIROS, Iago; ROSÁRIO, Dênis; NOBRE, Jéferson C.; CERQUEIRA, Eduardo C.. A Continuous Heart-Based Biometric Authentication for Healthcare Internet of Things. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 23. , 2023, Juiz de Fora/MG. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2023 . p. 43-54. DOI: https://doi.org/10.5753/sbseg.2023.233062.

Artigos mais lidos do(s) mesmo(s) autor(es)